www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <seb...@gmail.com>
Subject Re: LDAP: script to create groups and a template file from the SVN asf-authz file
Date Wed, 13 May 2009 13:37:27 GMT
On 13/05/2009, chris <chris@ia.gov> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>  Hash: SHA1
>
>  First a little background on what this is laying the ground work for.
>
>  We will consider the currently used asf-authorization as the definitive source for LDAP
groups and group membership.
>  Committers-[a-z] will be rolled into one committers group within LDAP since the issues
with editing the file will be no
>  more.
>
>  The original svn asf-authorization file will also be used to generate a template file
where the groups have been
>  replaced by {ldap:$groupname}.  That will later be expanded from source LDAP by a script
triggered by a SVN commit of
>  asf-authorization-template OR by a change in LDAP that concerns any SVN group.  Either
event will trigger a rebuild of
>  asf-authorization.
>
>  - ----
>
>  Tony, before running, be certain to edit the variables to fit.
>
>  http://arreyder.com/grpandtemplate-from-asfauthz.pl
>
>  from the comments:
>
>  ########################################################
>  # One time run script that reads asf-authorization.
>  # 1) Creates an LDIF of the groups found in asf-authz
>  #       preserving the local /etc/groups gid if found
>  #       else picks a new ones starting at the value of
>  #       $gid.
>  # 2) Creates a new asf-authorization-template that
>  #       that will be used by a later script to build
>  #       asf-authz groups from LDAP.
>  # ** Life will be easier if you roll the committers-*
>  #       groups and rights into one committers group
>  #       in the asf-authz file this is run against.

Yuk!
I know I'm not directly involved in this, but surely the script should
be able to deal with multiple committers-? groups?

Otherwise another script is going to have to be created just to do this.

>  # ** This should be run *before* any groups from the
>  #       the local /etc/groups have been imported.
>
>
>
>  crr/arreyder
>  chris@ia.gov
>  -----BEGIN PGP SIGNATURE-----
>  Version: GnuPG v2.0.10 (GNU/Linux)
>  Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>  iEYEARECAAYFAkoKy+wACgkQPmaZdRmQd+YU+wCdH4NJg9eawjBvz478czxr2d0l
>  lmkAnA4qnvMOpYqT2rVMELcwQVzFO5ys
>  =wwpc
>  -----END PGP SIGNATURE-----
>

Mime
View raw message